Skip to content

Commit

Permalink
sql: add syntax for supporting security definer
Browse files Browse the repository at this point in the history 
This patch adds the syntax needed for supporting security
definer. Right now, if a routine is specified with
`[EXTERNAL] SECURITY {INVOKER | DEFINER}`, it is a no-op.

Informs: #121514
Epic: CRDB-37477

Release note: None
  • Loading branch information
@annrpom
annrpom committed Aug 9, 2024
1 parent c80a197 commit 70cfc79
Show file tree
Hide file tree
Showing 65 changed files with 659 additions and 177 deletions.
2 changes: 1 addition & 1 deletion docs/generated/sql/bnf/alter_func_stmt.bnf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
alter_func_stmt ::=
( 'ALTER' 'FUNCTION' function_with_paramtypes ( ( ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ( ( ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) )* ) ( 'RESTRICT' | ) )
( 'ALTER' 'FUNCTION' function_with_paramtypes ( ( ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ( ( ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) )* ) ( 'RESTRICT' | ) )
| ( 'ALTER' 'FUNCTION' function_with_paramtypes 'RENAME' 'TO' function_new_name )
| ( 'ALTER' 'FUNCTION' function_with_paramtypes 'OWNER' 'TO' role_spec )
| ( 'ALTER' 'FUNCTION' function_with_paramtypes 'SET' 'SCHEMA' schema_name )
Expand Down
4 changes: 2 additions & 2 deletions docs/generated/sql/bnf/create_func.bnf
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
create_func_stmt ::=
'CREATE' ( 'OR' 'REPLACE' | ) 'FUNCTION' routine_create_name '(' ( ( ( ( routine_param | routine_param | routine_param ) ) ( ( ',' ( routine_param | routine_param | routine_param ) ) )* ) | ) ')' 'RETURNS' ( 'SETOF' | ) routine_return_type ( ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) )* ) | )
| 'CREATE' ( 'OR' 'REPLACE' | ) 'FUNCTION' routine_create_name '(' ( ( ( ( routine_param | routine_param | routine_param ) ) ( ( ',' ( routine_param | routine_param | routine_param ) ) )* ) | ) ')' ( ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) )* ) | )
'CREATE' ( 'OR' 'REPLACE' | ) 'FUNCTION' routine_create_name '(' ( ( ( ( routine_param | routine_param | routine_param ) ) ( ( ',' ( routine_param | routine_param | routine_param ) ) )* ) | ) ')' 'RETURNS' ( 'SETOF' | ) routine_return_type ( ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) )* ) | )
| 'CREATE' ( 'OR' 'REPLACE' | ) 'FUNCTION' routine_create_name '(' ( ( ( ( routine_param | routine_param | routine_param ) ) ( ( ',' ( routine_param | routine_param | routine_param ) ) )* ) | ) ')' ( ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) ( ( ( 'AS' routine_body_str | 'LANGUAGE' ('SQL' | 'PLPGSQL') | ( 'CALLED' 'ON' 'NULL' 'INPUT' | 'RETURNS' 'NULL' 'ON' 'NULL' 'INPUT' | 'STRICT' | 'IMMUTABLE' | 'STABLE' | 'VOLATILE' | 'EXTERNAL' 'SECURITY' 'DEFINER' | 'EXTERNAL' 'SECURITY' 'INVOKER' | 'SECURITY' 'DEFINER' | 'SECURITY' 'INVOKER' | 'LEAKPROOF' | 'NOT' 'LEAKPROOF' ) ) ) )* ) | )
4 changes: 4 additions & 0 deletions docs/generated/sql/bnf/stmt_block.bnf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3552,6 +3552,10 @@ common_routine_opt_item ::=
| 'IMMUTABLE'
| 'STABLE'
| 'VOLATILE'
| 'EXTERNAL' 'SECURITY' 'DEFINER'
| 'EXTERNAL' 'SECURITY' 'INVOKER'
| 'SECURITY' 'DEFINER'
| 'SECURITY' 'INVOKER'
| 'LEAKPROOF'
| 'NOT' 'LEAKPROOF'

Expand Down
4 changes: 4 additions & 0 deletions pkg/ccl/backupccl/testdata/backup-restore/plpgsql_procedures
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
foobar sc1.enum1;
Expand Down Expand Up @@ -134,6 +135,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
foobar sc1.enum1;
Expand Down Expand Up @@ -300,6 +302,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
foobar sc1.enum1;
Expand Down Expand Up @@ -341,6 +344,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
foobar sc1.enum1;
Expand Down
6 changes: 6 additions & 0 deletions pkg/ccl/backupccl/testdata/backup-restore/plpgsql_user_defined_functions
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8 := 0;
Expand All @@ -140,6 +141,7 @@ CREATE FUNCTION sc2.f2()
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8;
Expand Down Expand Up @@ -176,6 +178,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8 := 0;
Expand All @@ -196,6 +199,7 @@ CREATE FUNCTION sc2.f2()
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8;
Expand Down Expand Up @@ -366,6 +370,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8;
Expand Down Expand Up @@ -409,6 +414,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8;
Expand Down
4 changes: 4 additions & 0 deletions pkg/ccl/backupccl/testdata/backup-restore/procedures
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -124,6 +125,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1_new.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -280,6 +282,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -317,6 +320,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE sc1.p1]
----
CREATE PROCEDURE sc1.p1(a sc1.enum1)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down
4 changes: 4 additions & 0 deletions pkg/ccl/backupccl/testdata/backup-restore/user-defined-functions
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -127,6 +128,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1_new.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -275,6 +277,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down Expand Up @@ -312,6 +315,7 @@ CREATE FUNCTION sc1.f1(a sc1.enum1)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT a FROM db1.sc1.tbl1;
SELECT 'Good':::sc1.enum1;
Expand Down
5 changes: 5 additions & 0 deletions pkg/ccl/logictestccl/testdata/logic_test/procedure_params
View file
Original file line number Diff line number Diff line change
Expand Up @@ -347,6 +347,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE p_param_types];
----
CREATE PROCEDURE public.p_param_types(IN p1 INT8, INOUT p2 INT8, INOUT p3 INT8, OUT p4 INT8)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT p2, p3, p1;
Expand All @@ -368,6 +369,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE p_param_types];
----
CREATE PROCEDURE public.p_param_types(OUT param INT8)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT 1;
Expand Down Expand Up @@ -480,6 +482,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE p_default_names];
----
CREATE PROCEDURE public.p_default_names(OUT INT8, OUT param2 INT8, IN INT8, OUT column3 INT8)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT 3 INTO column3;
Expand All @@ -505,6 +508,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE p_default_names];
----
CREATE PROCEDURE public.p_default_names(OUT INT8, OUT param2 INT8, IN INT8, OUT INT8)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param2 := 2;
Expand All @@ -526,6 +530,7 @@ SELECT create_statement FROM [SHOW CREATE PROCEDURE p_default_names];
----
CREATE PROCEDURE public.p_default_names(OUT INT8, OUT param2 INT8, IN in_param INT8, OUT INT8)
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT in_param INTO param2;
Expand Down
7 changes: 7 additions & 0 deletions pkg/ccl/logictestccl/testdata/logic_test/show_create
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ r1 CREATE FUNCTION public.r1()
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
Expand All @@ -85,6 +86,7 @@ r1 CREATE FUNCTION public.r1(i INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
Expand All @@ -95,11 +97,13 @@ SELECT * FROM [SHOW CREATE PROCEDURE r1] ORDER BY 2
----
r1 CREATE PROCEDURE public.r1(s STRING)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
r1 CREATE PROCEDURE public.r1(s STRING, i INT8)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
Expand Down Expand Up @@ -131,6 +135,7 @@ r2 CREATE FUNCTION sc.r2()
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
Expand All @@ -140,6 +145,7 @@ SHOW CREATE PROCEDURE r2
----
r2 CREATE PROCEDURE sc.r2(s STRING)
LANGUAGE SQL
SECURITY INVOKER
AS $$
SELECT 1;
$$
Expand Down Expand Up @@ -169,6 +175,7 @@ f112134 CREATE FUNCTION sc.f112134()
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
DECLARE
x INT8 := 0;
Expand Down
11 changes: 11 additions & 0 deletions pkg/ccl/logictestccl/testdata/logic_test/udf_params
View file
Original file line number Diff line number Diff line change
Expand Up @@ -224,6 +224,7 @@ CREATE FUNCTION public.f_param_types(IN p1 INT8, INOUT p2 INT8, INOUT p3 INT8, O
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT p2, p3, p1;
Expand All @@ -249,6 +250,7 @@ CREATE FUNCTION public.f_param_types(OUT param INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT 1;
Expand Down Expand Up @@ -323,6 +325,7 @@ CREATE FUNCTION public.f_out_int(OUT param_new INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param_new := 2;
Expand Down Expand Up @@ -378,6 +381,7 @@ CREATE FUNCTION public.f_int(INOUT param INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param := 2;
Expand Down Expand Up @@ -408,6 +412,7 @@ CREATE FUNCTION public.f_int(IN param INT8, OUT param_out INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT param INTO param_out;
Expand All @@ -432,6 +437,7 @@ CREATE FUNCTION public.f_int(OUT param_out INT8, IN param INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT param INTO param_out;
Expand All @@ -456,6 +462,7 @@ CREATE FUNCTION public.f_int(INOUT param INT8)
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param := param;
Expand Down Expand Up @@ -488,6 +495,7 @@ CREATE FUNCTION public.f_default_names(OUT INT8, OUT param2 INT8, IN INT8, OUT I
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param2 := 2;
Expand Down Expand Up @@ -546,6 +554,7 @@ CREATE FUNCTION public.f_default_names(OUT INT8, OUT param2 INT8, IN INT8, OUT c
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT 3 INTO column3;
Expand Down Expand Up @@ -575,6 +584,7 @@ CREATE FUNCTION public.f_default_names(OUT INT8, OUT param2 INT8, IN INT8, OUT I
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
param2 := 2;
Expand All @@ -594,6 +604,7 @@ CREATE FUNCTION public.f_default_names(OUT INT8, OUT param2 INT8, IN in_param IN
NOT LEAKPROOF
CALLED ON NULL INPUT
LANGUAGE plpgsql
SECURITY INVOKER
AS $$
BEGIN
SELECT in_param INTO param2;
Expand Down
Loading

0 comments on commit 70cfc79

Please sign in to comment.